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Background of the Invention 

1 . Field of the In vention 

This invention relates to enhanced network services us- 
ing a subnetwork of communicating processors. 

2. Description of Related Art 

A computer network having more than one possible mes- 
sage delivery path, such as for example a network of computer 
networks (an "internetwork")/ generally comprises a set of proc- 
essors which have the task of routing each message from its 
source to its destination. These processors (herein called 
"routers", but sometimes called "bridges", "brouters", or other 
terms) generally interoperate using a common distributed routing 
technique. For example, (1) routers generally exchange informa- 
tion about routing conditions in the network, so as to globally 
inform all routers of conditions which are detected locally, (2) 
routers generally each route messages according to the same tech- 
niques using the same routing technique. 

The collection of routers (herein called the "subnet" 
of routers) thus has access to a rich collection of distributed 
information about the status of the network needed for routing 
messages therein, including detailed and up-to-date information 
about the network topology, relative distance measures in the 
network, administrative policies in force in the network (such 
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as, for example, network u firewalls" or routers which will route 
only a subset of messages) , and other information. It would be 
advantageous to provide at least some of this distributed infor- 
mation to applications which might use it to provide enhanced 
services. Examples of such enhanced services, and how they would 
be provided, are described herein. 

The router subnet also provides a powerful and avail- 
able resource for distributing other information, not strictly 
required for the task of routing messages in the network, such 
as, for example, relative load at each host in the network. It 
would be advantageous to disseminate this information and provide 
at least some of it to applications which might use it to provide 
enhanced services. Examples of such enhanced services, and how 
they would be provided, are described herein. 

Accordingly, it would be advantageous to provide a 
method and system for enhanced network services using a subnet- 
work of communicating processors. 

The following U.S. Patent (s) or other documents may be 

pertinent : 

o R. Srinivasan, U RPC : Remote Procedure Call Protocol 
Specification Version 2", Network Working Group RFC 
1831 (August 1995) . 

The pertinence of the related art will also be apparent 
to those skilled in the art after perusal of this application. 
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Summary of th Invention 

The invention provides a method and system for provid- 
ing enhanced services for a network, using a subnetwork of commu- 
nicating processors. The enhanced services use information about 
the network which is available to the subnet of communicating 
processors (such as a set of routers) , interoperating using a 
common distributed technique for disseminating that network in- 
formation. In a first aspect of the invention, the router subnet 
collects network topology information and provides a service us- 
ing that network topology information, responsive to requests 
from non-routers (such as host processors) coupled to the net- 
work. The network topology information comprises information 
about paths and routes, including bandwidth, connectivity, delay, 
traffic reservations, and administrative policies applicable to 
those paths and routes . Routers providing the enhanced service 
have the option of requiring authentication for service requests . 

For a first example, the router subnet provides an en- 
hanced distributed naming service which, in addition to translat- 
ing server names into host addresses, also orders those host ad- 
dresses by relative distance in the network, or by another crite- 
rion designated by the client. For a second example, the router 
subnet provides an enhanced message delivery service which, in 
addition to delivering a message to a plurality of destinations, 
assures that all destinations receive the message at substan- 
tially the same time. 
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In a second aspect of the invention, the router subnet 
collects information advertised by hosts coupled to the network, 
and disseminates that host information to substantially all 
routers, using the common distributed technique for disseminating 
network topology information. In a first preferred embodiment, 
the host information comprises information about server processes 
available at the originating host (such as what services are 
available and to which users those services are available) . In a 
second preferred embodiment, the host information comprises in- 
formation about client processes operating at the originating 
host (such as which users are operating those client processes 
and which services they desire) . 

For a first example, hosts advertise their relative 
load for dissemination by the router subnet, and the router sub- 
net provides an enhanced distributed naming service which, in ad- 
dition to translating server names into host addresses, also or- 
ders those host addresses by relative load (or by both relative 
distance and relative load) . Similarly, hosts may also advertise 
other server information, such as cost for performing the ser- 
vice, delay in performing the service, or other administrative 
policies which would affect the choice of server. 

For a second example, hosts advertise their logged-in 
users for dissemination by the router subnet, and the router sub 
net provides an enhanced message-delivery service which, in addi 
tion to receiving messages for delivery, also delivers those mes 
sages to the host where the destination user is logged-in. Simi 
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larly, hosts may also advertise other client information, such as 
willingness to pay for performing a designated service, which the 
router subnet may disseminate for responses by servers or by 
other clients. 

Brief Description of the Drawings 

Figure 1A shows a block diagram of a system for provid- 
ing enhanced services, and also shows a block diagram of a system 
for providing enhanced services using server advertisements, in a 
computer network. Figure IB shows a flow diagram of a method for 
providing enhanced services, and also shows a flow diagram of a 
method for providing enhanced services using server advertise- 
ments in a computer network as shown in figure 1A. 

Figure 2A shows a block diagram of a system for provid- 
ing synchronized message receipt in a computer network. Figure 
2B shows a flow diagram of a method for providing synchronized 
message receipt in a computer network as shown in figure 2A. 

Figure 3A shows a block diagram of a system for provid- 
ing enhanced services using both client and server advertise- 
ments, in a computer network. Figure 3B shows a flow diagram of 
a method for providing enhanced services using both client and 
server advertisements, in a computer network as shown in figure 
3A. 
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Figure 4A shows formats for a set of packets for use 
with an authenticated remote procedure call transport ( w ART " ) 
protocol. Figure 4B shows a flow diagram for an authenticated 
remote procedure call transport protocol. 

Description of the Preferred Embodiment 

In the following description, a preferred embodiment of 
the invention is described with regard to preferred process steps 
and data structures. However, those skilled in the art would 
recognize, after perusal of this application, that embodiments of 
the invention may be implemented using a set of general purpose 
computers operating under program control, and that modification 
of a set of general purpose computers to implement the process 
steps and data structures described herein would not require un- 
due invention. 

Providing Enhanced Network Services 

Figure 1A shows a block diagram of a system for provid- 
ing enhanced services, in a computer network. Figure IB shows a 
flow diagram of a method for providing enhanced services, in a 
computer network as shown in figure 1A. 

In an internetwork 100 to which a network 101 is cou- 
pled, a client process 102 on a client node 103 contacts a server 
process 104 on a server node 105, to obtain data or a service. 
For example, the data may comprise a file located at the server 
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1 node 105; the service may comprise conducting a computation, pro- 

2 viding data in response to search parameters, or even just pro- 

3 viding the current time. 

4 

5 The verb "contacts" refers to communication between the 

6 client process 102 and the server process 104 using messages com- 

7 prising message packets which are transmitted using the internet- 

8 work 100 between the client process 102 and the server process 

9 104. Messages and message packets are transmitted using the in- 
10 ternetwork 100 using a subnet 110 of routers 111. Each router 

n 111 executes a routing technique which causes the routers 111 to 

12 collectively interoperate using a common distributed technique 

13 for routing messages and distributing information about the in- 

14 ternetwork 100. This network information is stored at each 

is router 111 in one or more network tables 112, and generally com- 

16 prises information about paths and routes, such as bandwidth, 

17 connectivity, delay, traffic reservations, and administrative 
is policies applicable to those paths and routes. 

19 

20 Particular routing techniques, such as IGRP, AppleTalk, 

21 and IPX, are known in the art of networking. 

22 

23 A method 150 is conducted in cooperation by various 

24 nodes and processes coupled to the internetwork 100. At a flow 

25 point 160 for the method 150, the client process 102 desires to 

26 contact a server process 104, the latter of which is coupled to 

27 the internetwork 100 . 

28 
29 
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1 At a step 161, the client process 102 first contacts a 

2 name server 105, which preferably comprises a server process 104 

3 executing on a server node 103 for which the client process 102 

4 already has a network address, using a name-request message 121. 

5 In this example, the name server 105 is shown executing on a dif- 

6 ferent node and coupled to the same network 101 as the client 

7 node 103, but there is no particular requirement that the name 

8 server 105 is in fact so disposed. For example, the name server 

9 105 may be located at the same node as the client process 102, or 
10 may be coupled to a different network 101 on the internetwork 

n 100, so long as the client process 102 has available to it a suf- 

12 ficient network address to transmit the name-request message 121 

13 to the name server 105 . 

14 

15 In a preferred embodiment, the name server 105 com- 

16 prises a DNS name server operating according to the DNS protocol. 

17 

18 The name-request message 121 asks the name server 105 

19 to translate an identifier for the service provided into a net- 

20 work address for a server process 104 providing that service. 

21 For example, the identifier may comprise a host name for a node 

22 coupled to the internetwork 100, such as "sanjose.cisco.com", and 

23 the name server 105 may translate that host name into an IP ad- 

24 dress for that node, such as "3.141.59.26". 

25 

26 At a step 162, the name server 105 receives the name- 

27 request message 121, parses the name-request message 121 to de- 

28 termine the name to be translated, looks up the name in a table 

29 it maintains for translating names into network addresses, and 
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1 transmits a name-response message 122 comprising one or more net- 

2 work addresses to the client process 102 at the client node 103. 

3 

4 In general, the name to be translated may specify a 

s service which is provided by more than one server process 104 or 

6 by more than one server node 105, so that the name server 105 has 

7 more than one network address to provide in the name-response 

8 message 122. In a preferred embodiment, the name server 105 pro- 

9 vides all such network addresses in the name-response message 

10 122. Order is not critical at this flow point of the method 150. 
n 

12 At a step 163, the client process 102 receives the 

13 name-response message 122 and parses the name-response message 

14 122 to determine the network addresses provided by the name 

is server 105. The client process 102 then contacts a router 111 

is using an order-request message 123. 

17 

is The order-request message 123 asks the router 111 to 

19 order a set of addresses by their relative distance on the inter- 

20 network 100. Preferably, the client process 102 packages the ad- 

21 dresses from the name-response message 122 into the order-request 

22 message 123 . 

23 

24 At a step 164, the router 111 receives the order- 

25 request message 123, parses the order-request message 123 to de- 

26 termine the set of addresses, looks up each address in its net- 

27 work tables 112 to determine a relative distance for that network 

28 address, orders the network addresses by relative distance, and 

29 
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1 transmits an order-response message 124 comprising the network 

2 addresses ordered relative distance. 

3 

4 The relative distance for each network address may dif- 

5 fer at different times, so the order provided by the router 111 

6 in the order-response message 124 may also differ in response to 

7 order-request messages 123 transmitted at different times. 

8 

9 In a preferred embodiment, the relative distance for 

10 each network address is computed in response to the expected time 

n delay in delivering a message from the client node 103 to the 

12 server node 105. It is expected that this expected time delay 

13 will be nearly the same as the expected time delay from the name 

14 server 105 . In alternative embodiments described below in which 
is the name server 105 orders the addresses in response to relative 
is distance information from the router 111, the ordering may turn 
17 out to differ from an ordering for the client node 103, but this 
is is not expected to be important unless the name server 105 is at 
19 a substantial relative distance from the client node 103 . 

20 

21 In alternative embodiments, the relative distance for 

22 each network address may also be computed in response to other 

23 information available to the router 111 in its network tables 

24 112, including for example (1) an expected bandwidth of a path 

25 from the client node 103 to the server node 105, (2) any traffic 

26 reservations on paths between the client node 103 to the server 

27 node 105, or (3) any administrative policies applicable to those 

28 paths between the client node 103 to the server node 105. For 

29 example, if a required path to one of the server nodes 105 is 
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1 known to the router 111 to be heavily trafficked between the 

2 hours of 9:00 a.m. and 5:00 p.m., that server node 105 may be as- 

3 signed a substantially higher relative distance responsive to 

4 that information. 

5 

6 Although in a preferred embodiment, the name-request 

7 message 121 and the order-request message 123 are both preferably 

8 transmitted by the client process 102, in alternative embodi- 

9 ments, alternative arrangements are possible which would obtain 

10 the same information for the client process 102. Such alterna- 

11 tive arrangements would be clear to those skilled in the art af- 

12 ter perusing this application, and are within the scope and 

13 spirit of the invention. In a first alternative embodiment, the 

14 name server 105 may obtain an ordering of network addresses from 
is the router 111, and may order the network addresses in the name- 
is response message 122. To do so, the name server 105 may transmit 
17 an order-request message 123 to the router 111 and use the re- 

is suits it receives in the order-response message 124. In a second 

19 alternative embodiment, the name server 105 may be located at the 

20 router 111, and may order the network addresses in the name- 

21 response message 122 in response to direct access to the network 

22 tables 112 . 

23 

24 In a preferred embodiment, the network address for one 

25 or more particular server nodes 105 may be restricted to those 

26 client processes 102 with sufficient authorization. In such a 

27 case, the name server 105 would require that the client process 

28 102 is authenticated, to determine that the name-request message 

29 121 really comes from the client process 102 and not someone 
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1 else, and that the client process 102 has sufficient permissions, 

2 in particular, that the name server 105 has been informed that 

3 the client process 102 is authorized to receive that information. 

4 A preferred authentication process is described below with refer- 

5 ence to figure 4. 

6 

7 In a preferred embodiment, the relative distance or 

8 other ordering information may also be restricted to those client 

9 processes 102 with sufficient authorization. In such a case, the 
10 router 111 would require that the client process 102 is authentic 
n cated, to determine that the name-request message 121 really 

12 comes from the client process 102 and not someone else, and that 

13 the client process 102 has sufficient permissions, in particular, 

14 that the router 111 has been informed that the client process 102 
is is authorized to receive that information. 

16 

iv In some cases, the router 111 may have insufficient in- 

18 formation to respond to the order-request message 123 on its own. 

19 In such a case, the router 111 may forward the order-request mes- 

20 sage 123 (or another message with similar information) to a sec- 

21 ond router 111. The second router 111 may also find that it must 

22 forward the order-request message 123 or other message, until one 

23 or more routers are reached which, individually or collectively, 

24 do have sufficient information to respond to the original order- 

25 request message 123. 

26 

27 At a step 165, the client process 102 selects a first 

28 one of the network addresses, preferably the network address with 

29 the smallest relative distance, and contacts the server process 
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104 on the server node 105 with that network address. In the 
case that the client process 102 is unable to contact the server 
process 104 at the first network address, the client process 102 
selects another, preferably the network address with the next 
smallest relative distance, and contacts the server process 104 
on the server node 105 with that network address. The client 
process 102 repeats this step until one of the server processes 
104 is contacted or the set of network addresses is exhausted. 



Automated Resource Distribution 

A first example enhanced network service is automated 
distribution of resources such as services. Some services are 
readily distributed by providing more than one service provider, 
each of which can fully provide substantially the same service. 
For example, a service providing a collection of data may be du- 
plicated by copying the data to multiple sites; a service provid- 
ing a program to be executed may be duplicated by copying the 
program to multiple sites, and providing resources for executing 
the program at each of those sites. 

In this example enhanced service, a resource to be 
automatically distributed is embodied in server processes 104 at 
a plurality of server nodes 105. For example, the resource may 
comprise one of the following : 
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o an FTP directory, such as a directory of files which may be 
copied from the server node 105 to the client node 103 using 
the "FTP" protocol; 

o a network news server, such as a server for providing mes- 
sages posted to "network news" or to a bulletin board sys- 
tem, and distributed substantially throughout a portion of 
the internetwork 100; 

o a World Wide Web page, such as a file comprising a set of 
data to be displayed, possibly including text, graphics, 
display commands, or motion picture data, and comprising one 
or more hypertext links to other such files; 

o a database and search engine, such as a program for receiv- 
ing search requests, executing those search requests against 
a database, and providing the results of such search re- 
quests; or 

o a time server, such as a program for providing a time of day 
or similar globally available information, such as a dic- 
tionary server, spell-checker or thesaurus. 

Other and further possibilities will readily occur to 
those skilled in the art after perusal of this application; such 
other and further possibilities would not require invention or 
undue experiment, and are within the scope and spirit of the in- 
vention . 
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The name servers 105 which translate the service name 
into network addresses are given the network addresses for the 
plurality of server nodes 105 at which the server processes 104 
may be found. This information is distributed to the name serv- 
ers 105 using a name server protocol such as the DNS protocol. 
Name server protocols are known in the art of networking, and so 
are not discussed in detail herein. 

Duplicating the server process 104 and distributing 
multiple network addresses for the service to the name servers 
105 has the following effects: When the name-request message 121 
is transmitted at the step 161 from the client process 102 to the 
name server 105, the name server 105 obtains a plurality of net- 
work addresses for server processes 104 at a plurality of server 
nodes 105. When the order-request message 123 is transmitted at 
the step 163 from the client process 102 to the router 111, the 
router 111 orders the plurality of network addresses for server 
processes 104 at a plurality of server nodes 105 by their rela- 
tive distance from the client node 103. When the client process 
102 contacts a server process 104 using a network address from 
the order-response message 124, the server process 104 which is 
chosen is the one at the server node 105 with the smallest rela- 
tive distance from the client node 103. 

Thus, when the client process 102 initiates the method 
150 to contact one of the server processes 104, it will automati- 
cally be assigned to the relatively nearest server process 104; 
when multiple client process 102 attempt to contact one of the 
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server processes 104, they will automatically be distributed 
among the set of server processes 104 which may be chosen. 

Synchronized Message Receipt 

Figure 2A shows a block diagram of a system for provid- 
ing synchronized message receipt in a computer network. Figure 
2B shows a flow diagram of a method for providing synchronized 
message receipt in a computer network as shown in figure 2A. 

A second example enhanced network service is synchro- 
nized distribution of messages to recipients, such as (1) assur- 
ing that a designated message is delivered to a recipient node on 
the internetwork 100 at a designated time, or (2) assuring that a 
designated message is delivered to multiple recipients at the 
same time. 

In this example enhanced service, a message is labeled 
with a set of designated destination nodes and a designated time 
for delivery to those destination nodes. For example, the mes- 
sage may comprise one of the following: 

o a financial news report, such as a ticker-tape entry which 
is intended for delivery to customers fifteen minutes after 
its occurrence in real time; or 
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1 o a wake-up call or other reminder, such as a greeting message 

2 which is intended for delivery at a time specified by the 

3 recipient. 

4 

5 In a preferred embodiment, each one of the routers 111 



6 maintains an indicator of the current time, synchronized across 

7 all routers 111 so that any pair of routers 111 will have the 

8 same value for the "current time", preferably within an error 

9 margin of less than about 0.5 milliseconds. This indicator may 
10 be recorded in the network tables 112 or in another register 

n within each router 111. The routers 111 may maintain this indi- 

12 cator by means of a network time protocol, or by some other tech- 

13 nique. Network time protocols, which are preferred, are known in 

14 the art of networking. 

15 

16 A method 250 is conducted in cooperation by the client 

17 process 102 and various routers 111 on the internetwork 100. At 
is a flow point 260 for the method 250, the client process 102 de- 

19 sires to send a message 200 for receipt at a destination node 201 

20 at a designated time. 

21 

22 At a step 261, the client process 102 contacts one of 

23 the routers 111 using a timed message 210. Since all messages on 

24 the internetwork 100, other than those limited to the local net- 

25 work 101, are transmitted using one or more routers 111, the cli- 

26 ent process 102 need only transmit the timed message 210 to the 

27 destination node 201 as if it were to transmit any other message 

28 to the destination node 201, and the timed message 210 will be 

29 received by one of the routers 111 along a path to the destina- 
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1 tion node 201. The timed message 210 comprises an ordinary mes- 

2 sage for delivery to, plus a header designating the desired time 

3 for receipt at, the destination node 201. 

4 

5 At a step 262, one of the routers 111 along a path to 

6 the destination node 201 receives the timed message 210 and 

7 parses it to determine the destination node 2 01, and determines 

8 if it would be one of the routers 111 to effect final delivery of 

9 the message to the destination node 201. If there is a single 

10 destination node 201, there will be only one such router 111; if 

11 there are multiple destination nodes 2 01, there may be more than 

12 one such router 111. If this router 111 would not effect final 

13 delivery, the method 250 continues with the step 263; if this 

14 router 111 would effect final delivery, the method 250 continues 
is with the step 264 . 

16 

17 At a step 263 (the router 111 would not effect final 

18 delivery) , the router 111 forwards the timed message 210 to the 

19 next router 111 in the path to the destination node 201, just 

20 like any other message. In a preferred embodiment, if the de- 

21 sired time for receipt is very soon, the router 111 may reply to 

22 the client process 102 with an error message, indicating that de- 

23 livery at the designated time is impossible, unlikely, or merely 

24 not guaranteed. In alternative embodiments, if the desired time 

25 for receipt is very soon, the router 111 may give priority to the 

26 timed message 210 over other messages. 

27 

23 At a step 264 (the router 111 would effect final deliv- 

29 ery) , the router 111 holds the timed message 210 until the desig- 
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1 nated time for delivery to the destination node 201, and at that 

2 time, delivers the message just like any other message. In a 

3 preferred embodiment, if the current time is past the desired 

4 time for receipt, the router 111 may reply to the client process 

s 102 with an error message, indicating that delivery at the desig- 

6 nated time did not occur, and may either discard the message or 

7 deliver it late. In alternative embodiments, if the desired time 

8 for receipt is very soon, the router 111 may give priority to the 

9 timed message 210 over other messages. 

10 

11 In a preferred embodiment, the capability to send a 

12 timed message 210 may be restricted to those client processes 102 

13 with sufficient authorization. In such a case, the first router 

14 111 to receive and parse a timed message 210 would require that 

15 the client process 102 is authenticated, to determine that the 

16 timed message 210 really comes from the client process 102 and 

17 not someone else, and that the client process 102 has sufficient 
is permissions, i.e., that the router 111 has been informed that the 
19 client process 102 is authorized to send timed messages 210. 

20 



21 
22 
23 
24 
25 
26 
27 
28 
29 



Enhanced Services Using Server Advertisements 

Figure 1A also shows a block diagram of a system for 
providing enhanced services using server advertisements, in a 
computer network. Figure IB also shows a flow diagram of a 
method for providing enhanced services using server advertise- 
ments, in a computer network as shown in figure 1A. 
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1 In a preferred embodiment, the method 150 is supple- 

2 mented by using information "advertised" by the server processes 

3 104. At a flow point 17 0 for the supplemented method 150, one of 

4 the server processes 104 desires to disseminate server advertis- 

5 ing information to the subnet 110 of routers 111 for use with an 

6 enhanced network service. 

7 

8 The server advertising information comprises any infor- 

9 mation provided by one of the server processes 104 for dissemina- 

10 tion to the subnet 110 of routers 111. For example, server ad- 

11 vertising information may comprise the following: 



12 

13 o relative load at the server node; 

14 

15 o resources available at the server node, such as what ser- 

16 vices are available and to which classes of client process 

17 102 those services are available, amount of free mass stor- 

18 age space or free processor time; 

19 

20 o services available at the server node, to which classes of 

21 users those services are available, cost for performing 

22 those services, expected delay in performing those services, 

23 or other administrative policies which could affect the 

24 choice of server process 104 by a client process 102; or 

25 

26 o which persons are logged in at the server node 105. 

27 

28 At a step 171, one of the server processes 104 sends a 



29 server-info message 131 to one of the routers 111. 
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The routing technique is supplemented by providing that 
each one of the routers 111 disseminates information from the 
server-info message 131 to all routers 111 in the subnet 110. 
Each router 111 which receives the server-info message 131 per- 
forms the steps 172, 173, and 174. As a result, each router 111 
eventually receives the information to be disseminated in the 
server-info message 131 and stores that information in its net- 
work tables 112 . 

At a step 172, the router 111 receives the server-info 
message 131 and parses the server-info message 131 to determine 
the information to be disseminated. 

At a step 173, the router 111 stores the information to 
be disseminated in its network tables 112 . 

At a step 17 4, the router 111 forwards the information 
to be disseminated to a set of neighboring routers 111 in the 
subnet 110. 

In the supplemented method 150, the step 164 is supple- 
mented to determine the order for the network addresses respon- 
sive to the server advertising information. Thus for example, at 
the step 164 the router 111 orders the network addresses respon- 
sive to relative load on the server node 105, or responsive to 
both relative distance to the server node 105 and relative load 
on the server node 105 . 
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1 In other enhanced network services, the routers 111 may 

2 route messages to server processes 104 responsive to the server 

3 advertising information. For a first example, the server adver- 

4 tising information may comprise a list of persons who are cur- 

5 rently logged in at the server node 105, and the routers 111 may 

6 receive and route a person-to-person message naming a designated 

7 person to the server node 105 at which that designated person is 

8 logged in. For a second example, the server advertising informa- 

9 tion may comprise a set of administrative policies regarding 

10 traffic the server node 105 desires not to retransmit, and the 

n routers 111 may receive and route such messages away from such 

12 server nodes 105 . 

13 



14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 
26 
27 
28 
29 



Enhanced Services Using Both Client and Server Advertisements 

Figure 3A shows a block diagram of a system for provid- 
ing enhanced services using both client and server advertise- 
ments, in a computer network. Figure 3B shows a flow diagram of 
a method for providing enhanced services using both client and 
server advertisements, in a computer network as shown in figure 
3A. 

A method 350 is conducted in cooperation by various 
client processes 102, client nodes 103, server processes 104, and 
server nodes 105 and coupled to the internetwork 100. At a flow 
point 360 for the method 350, the client process 102 desires to 
disseminate client advertising information to the subnet 110 of 
routers 111 for use with an enhanced network service. 
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The client advertising information comprises any infor- 
mation provided by one of the client processes 102 for dissemina- 
tion to the subnet 110 of routers 111. For example, client ad- 
vertising information may comprise the following: 

o relative urgency of requests from the client process 102; or 

o willingness to pay for services from the server node 105. 

At a step 361, one of the client processes 102 sends a 
client-info message 301 to one of the routers 111, similar to the 
step 171. 

The routing technique is supplemented by providing that 
each one of the routers 111 disseminates information from the 
client-info message 301 to all routers 111 in the subnet 110. 
Each router 111 which receives the client-info message 3 01 per- 
forms the steps 362, 363, and 364. As a result, each router 111 
eventually receives the information to be disseminated in the 
client-info message 301 and stores that information in its net- 
work tables 112 . 

At a step 362, the router 111 receives the client-info 
message 301 and parses the client-info message 301 to determine 
the information to be disseminated, similar to the step 172. 
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! At a step 363, the router 111 stores the information to 

2 be disseminated in its network tables 112, similar to the step 

3 173 . 

4 

5 At a step 364, the router 111 forwards the information 

6 to be disseminated to a set of neighboring routers 111 in the 

7 subnet 110, similar to the step 174. 

8 

9 At a flow point 370 for the method 350, the server 

10 process 102 desires to disseminate server advertising information 

n to the subnet 110 of routers 111 for use with an enhanced network 

12 service . 

13 

14 The routing technique is also supplemented by providing 

15 that each one of the routers 111 disseminates information from 

is the server-info message 131 to all routers 111 in the subnet 110, 

17 similar to the supplemented method 150. Each router 111 which 

is receives the server-info message 131 performs the steps 372, 373, 

19 and 374. As a result, each router 111 eventually receives the 

20 information to be disseminated in the server-info message 131 and 

21 stores that information in its network tables 112. 

22 

23 At a step 372, the router 111 receives the server-info 

24 message 131 and parses the server-info message 131 to determine 

25 the information to be disseminated, similar to the step 172. 

26 

27 At a step 373, the router 111 stores the information to 

28 be disseminated in its network tables 112, similar to the step 

29 173. 
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2 At a step 374, the router 111 forwards the information 

3 to be disseminated to a set of neighboring routers 111 in the 

4 subnet 110, similar to the step 174. 

5 

6 At a flow point 3 80, one of the routers 111 receives 

7 both client advertising information and server advertising infor- 

8 mation. 

9 

io At a step 3 81, the router 111 matches the client adver- 

n tising information against the server advertising information. 

12 

13 The nature of this step 381 depends on the nature of 

14 the client advertising information and the server advertising in- 
is formation. For example, if the client advertising information 

16 indicates the desire to obtain a named service X for a price Y or 

17 less, and the server advertising information indicates the abil- 

18 ity to provide the named service X for a price Y or more, the 

19 router 111 obtains a match. Other situations in which the router 

20 111 might obtain a match include the following: 

21 

22 o the client process 102 has an indicated degree of urgency 

23 and the server process 104 has an indicated degree of ex- 

24 pected delay to perform the named service; 

25 

26 o the client process 102 has an indicated priority and the 

27 server process 104 has an indicated degree of free capacity 

28 to perform the named service; 

29 
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1 o the client process 102 has an indicated set of server re- 

2 quirements and the server process 104 has an indicated set 



3 of server capabilities to perform the named service; 

4 

5 o the client process 102 has an indicated set of subtasks of 

6 the named service to be performed and the server process 104 

7 has an indicated set of subtasks of the named service it is 

8 capable of performing; or 

9 

10 o the client process 102 has an indicated set of products or 

11 services a first associated user desires to obtain and the 

12 server process 104 has an indicated set of products or ser- 

13 vices a second associated user desires to provide, such as 

14 for example airline tickets, computer equipment, office sup- 
is plies, stocks or other securities, or other products or ser- 
16 vices . 

17 

is At a step 3 82, the router 111 transmits a client-match 



19 message 302 to the client process 102, and a server-match message 

20 3 03 to the server process 104, indicating the nature of the 

21 match. 

22 

23 At a step 3 83, the client process 102 and the server 

24 process 104 communicate about the matched information. 

25 
26 
27 
28 
29 



CISCP17 8C2 /MRO/DG 



CIS-012 



Authenticated Remote Procedure Call Transport 

Figure 4A shows formats for a set of packets for use 
with an authenticated remote procedure call transport ("ART") 
protocol . Figure 4B shows a flow diagram for an authenticated 
remote procedure call transport protocol. 

The ART protocol described herein comprises four types 
of packets: (1) an ART-request packet, indicating a request for a 
service to be performed at the remote site, (2) an ART-reply 
packet, indicating a response to the ART-request packet, (3) an 
ART-auth- challenge packet, indicating a challenge to the recipi- 
ent to show that the recipient is authorized to make the request, 
and (4) an ART-auth-response packet, indicating a response to the 
authorization challenge. 

A single transaction comprises the sequence (1) ART- 
request, (2) ART-reply. If authentication is performed, a single 
transaction comprises the sequence (1) ART-request, (2) ART-auth- 
challenge, (3) ART-auth-response, (4) ART-reply. 

All four types of packet comprise a fixed length packet 
header 400 and variable length packet data 410. The packet 
header 400 comprises a version number 401, a packet type value 
402, a reply port value 403, and a transaction identifier 404. 

The version number 401 comprises one octet (eight-bit 
byte) specifying the version of the remote procedure call proto- 
col . 
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The packet type value 402 comprises one octet specify- 
ing the type of operation the packet is for. In a preferred em- 
bodiment, a request packet has the value 1; a reply packet has 
the value 2; an authentication challenge packet has the value 3; 
an authentication response packet has the value 4 . 

The reply port value 403 comprises two octets specify- 
ing a 16-bit value of the port at which the client process 102 
expects to receive further ART protocol packets. The client sets 
this value with its first ART-request packet; thereafter the cli- 
ent and server copy this value to all packets for a single ART 
transaction . 

The transaction identifier 404 comprises four octets 
specifying a 32-bit unsigned integer identifier for a single 
transaction. The client sets this value with its first ART- 
request packet for each transaction; thereafter the client and 
server copy this value to all packets for a single ART transac- 
tion. In a preferred embodiment, the client chooses a random 
nonzero value for its first ART transaction and increments this 
value by one for each subsequent ART transaction; zero is a valid 
value which may occur by overflow. 

For the ART-request packet, the variable length packet 
data 410 comprises one or more requests. Each request comprises 
a mode/ type field 411, a length value 412, and a data field 413. 
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The mode/type field 411 comprises two octets specifying 
a one-bit authentication bit and- a 15-bit request type. 

The length value 412 comprises two octets specifying a 
16-bit count of the number of octets in the data field 413 . 

The data field 413 comprises the actual data for the 
request. Its interpretation may vary depending on the type of 
request . 

For the ART-auth-challenge packet, the variable length 
packet data 410 comprises one or more challenges, one for each 
request in the ART-request packet requiring authorization. Each 
challenge comprises the mode/type field 411, the length value 
412, and the data field 413, formatted like those for requests in 
the ART-request packet. 

The server copies the mode/type field 411 from the 
mode/type field 411 for the ART-request packet. 

The data field 413 comprises a randomly chosen chal- 
lenge value . 

For the ART-auth-response packet, the variable length 
packet data 410 comprises one response for each challenge in the 
ART-auth-challenge packet. Each response comprises the mode/type 
field 411, the length value 412, and the data field 413, format- 
ted like those in the ART-request packet. 
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The client copies the mode/type field 411 from the 
mode/type field 411 for the ART- auth- challenge packet. 

The data field 413 comprises the response value appro- 
priate to the corresponding challenge value. 

For the ART-reply packet, the variable length packet 
data 410 comprises one reply for each request in the ART-request 
packet. Each reply comprises the mode/ type field 411, the length 
value 412, and the data field 413, formatted like those in the 
ART-request packet, and a result field 414. 

The server copies the mode/ type field 411 from the 
mode/type field 411 for the ART-request packet. 

The result field 414 comprises two octets specifying a 
16-bit value indicating the success or failure of the correspond- 
ing request. If the request is successful, the value will be 
zero. If the request is not successful, the value will be non- 
zero, and particular nonzero values may (at the server's option) 
indicate the type of failure. 

The ART protocol 450 is conducted in cooperation by the 
client process 102 and the server process 104. At a flow point 
460 for the method 450, the client process 102 desires to initi- 
ate one or more ART requests. 

At a step 461, the client process 102 constructs an 
ART-request packet 470 for transmission to the server process 
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104, and transmits the ART-request packet 47 0 to the server proc- 
ess 104. The ART-request packet 470 comprises one or more re- 
quests, as described above. The client process 102 sets a timer 
to protect against the possibility that the packet will be lost. 
A preferred timer value is 30 seconds. If no reply is received, 
the client process 102 retries the request, up to five times. 
ART requests are therefore preferably idempotent. 

At a step 462, the server process 104 receives the ART- 
request packet 470 and parses the ART-request packet 470 to de- 
termine each of the requests. If authentication is required for 
one or more of the requests, the protocol 450 continues with the 
step 463 . If authentication is not required for any of the re- 
quests, the protocol 450 continues with the step 465. It is pos- 
sible that authentication will be required for some but not all 
of the requests in a single ART-request packet 470. 

At a step 463, the server process 104 constructs an 
ART-auth-challenge packet 471 for transmission to the client 
process 102, and transmits the ART-auth-challenge packet 471 to 
the client process 102. The server process 104 sets a timer to 
protect against the possibility that the packet will be lost. A 
preferred timer value is 3 0 seconds. If no response to the chal- 
lenge is received, the server process 104 need not retry the 
challenge . 

At a step 464, the client process 102 receives the ART- 
auth-challenge packet 471 from the server process 104, parses the 
ART-auth-challenge packet 471 to determine the challenge data, 
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determines the appropriate authorization response, constructs an 
ART-auth-response packet 47 2 for transmission to the server proc- 
ess 104, and transmits the ART-auth-response packet 472 to the 
server process 104. The client process 104 sets a timer to pro- 
tect against the possibility that the packet will be lost. A 
preferred timer value is 30 seconds. If no reply to the original 
request is received, the client process 104 retries the original 
request, up to file times. 

A preferred embodiment uses the shared secret model of 
authentication, as described in RFC-13 44, hereby incorporated by 
reference as if fully set forth herein. The server process 104 
generates a random challenge value for each request requiring au- 
thentication; the client process 102 and server process 104 each 
compute a hash function applied to the concatenation of the chal- 
lenge value and the shared secret. A preferred embodiment uses 
the MD5 hash function, as described in RFC-1321, hereby incorpo- 
rated by reference as if fully set forth herein. The client 
process 102 transmits the computed value as the response value to 
the server process 104, which matches the response value against 
its own computed value. Authentication succeeds if the response 
value matches the server's own computed value. 

Those skilled in the art will recognize, after perusal 
of this application, that other and further types of authentica- 
tion may be used instead or in addition. 

At a step 465, the server process 104 receives the ART- 
auth-response packet 472 from the client process 102, parses the 
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1 ART-auth-response packet 472 to determine the response data, and 

2 determines whether the authorization challenge was passed by the 

3 response. If the client process 102 passed the authorization 

4 challenge, the server process 104 performs the request, and the 

5 protocol continues with the step 466. If the client process 102 

6 failed to pass the authorization challenge, the server process 

7 104 generates an f ailed-authorization error, and the protocol 

8 continues with the step 466. 

9 

io At a step 466, the server process 104 constructs an 

n ART-reply packet 473 for transmission to the client process 102, 

12 and transmits the ART-reply packet 473 to the client process 102. 

13 

14 At a step 467, the client process 102 receives the ART- 

15 reply packet 47 3 from the server process 104 and parses the ART- 

16 reply packet 473 to determine the reply for each request. The 

17 client process 102 matches the transaction identifier for the 

is ART-reply packet 473 to a list of outstanding requests; if there 

19 is no match, the client process 102 discards the ART-reply packet 

20 473. 

21 

22 

Alternative Embodiments 

23 

24 Although preferred embodiments are disclosed herein, 

25 many variations are possible which remain within the concept, 

26 scope, and spirit of the invention, and these variations would 

27 become clear to those skilled in the art after perusal of this 

28 application. 
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